thus Eero Volotinen spake:
>> Probably not, or someone would have found them in the last five years.
> 
> Probably yes, it's hard to security audit complex software packages.

Yes; my bet would be that OpenBSD's smtpd will be the most secure MTA 
(when it hits the streets for production). That does NOT mean that it is 
scalable (well, yet to prove).

>>> At least I don't want to run software with poor security track on my 
>>> public servers.
>> So you don't run the Linux kernel?  Wade through the changelog sometime.   
>> Or 
>> BIND?  it is unrealistic to think large software packages don't have bugs or 
>> that they won't be found and fixed over time.
> 
> I usually prefer softwares with good security track. Anyway kernel is 
> not usually exposed directly to internet,

An IP stack which is part of the kernel *is* (more or less) directly 
exposed to the internet as long as there's the appropriate cable 
connected to that machine.

> but some server software are 
> directly.
> Eero

Regards,

Timo
_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Reply via email to